Mercurial > trustbridge
annotate ui/sslconnection_curl.cpp @ 1080:898b1ddcca11
help-de: new introduction; switched faq to tech-ref and added arbeitsweise.
author | Bernhard Reiter <bernhard@intevation.de> |
---|---|
date | Thu, 11 Sep 2014 12:00:10 +0200 |
parents | fe2c6666b462 |
children | 508c96e72f62 |
rev | line source |
---|---|
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
1 /* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
2 * Software engineering by Intevation GmbH |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
3 * |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
4 * This file is Free Software under the GNU GPL (v>=2) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
5 * and comes with ABSOLUTELY NO WARRANTY! |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
6 * See LICENSE.txt for details. |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
7 */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
8 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
9 #include "sslconnection_curl.h" |
1058
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
10 #include "logging.h" |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
11 |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
12 #include <polarssl/ssl.h> |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
13 #include <QSaveFile> |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
14 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
15 SSLConnectionCurl::SSLConnectionCurl(const QString& url, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
16 const QByteArray& certificate): |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
17 SSLConnection (url, certificate), |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
18 mCurl (NULL) |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
19 { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
20 curl_global_init(CURL_GLOBAL_DEFAULT); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
21 mCurl = curl_easy_init(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
22 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
23 if (!mCurl) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
24 qDebug() << "Failed to initialize curl"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
25 return; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
26 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
27 |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
28 #ifdef RELEASE_BUILD |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
29 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 1L) != CURLE_OK) { |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
30 #else |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
31 /* For testing we do not have to trust the issuer. This should not |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
32 * be dangerous as we pin the peer certificate directly. */ |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
33 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYPEER, 0L) != CURLE_OK) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
34 #endif |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
35 /* Should be default anyway */ |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
36 qDebug() << "Setting verifypeer failed"; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
37 return; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
38 } |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
39 |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
40 #ifdef RELEASE_BUILD |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
41 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYHOST, 1L) != CURLE_OK) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
42 #else |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
43 /* For testing we do not have to trust host. This should not |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
44 * be dangerous as we pin the peer certificate directly. */ |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
45 if (curl_easy_setopt(mCurl, CURLOPT_SSL_VERIFYHOST, 0L) != CURLE_OK) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
46 #endif |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
47 /* Should be default anyway */ |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
48 qDebug() << "Setting verifypeer failed"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
49 return; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
50 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
51 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
52 if (curl_easy_setopt(mCurl, CURLOPT_ERRORBUFFER, mErrBuf) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
53 qDebug() << "Setting errorbuf failed"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
54 return; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
55 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
56 |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
57 #ifdef RELEASE_BUILD |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
58 if (curl_easy_setopt(mCurl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2) != CURLE_OK) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
59 qDebug() << "Setting ssl version failed."; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
60 return; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
61 } |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
62 #endif |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
63 |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
64 mCertFile.open(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
65 if (mCertFile.write(mPinnedCert) != mPinnedCert.size()) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
66 qDebug() << "Failed to write temporary certificate"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
67 return; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
68 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
69 mCertFile.close(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
70 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
71 if (curl_easy_setopt(mCurl, CURLOPT_CAINFO, |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
72 mCertFile.fileName().toUtf8().constData()) != CURLE_OK) { |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
73 qDebug() << "Failed to set ca certificate"; |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
74 return; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
75 } |
991
6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
956
diff
changeset
|
76 |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
77 /* If the build fails here maybe you probably forgot to apply the |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
78 * trustbridge patches to curl */ |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
79 if (curl_easy_setopt(mCurl, CURLOPT_PEERCERT, |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
80 mCertFile.fileName().toUtf8().constData()) != CURLE_OK) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
81 qDebug() << "Failed set peer certificate."; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
82 return; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
83 } |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
84 mInitialized = true; |
1058
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
85 if (g_debug) { |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
86 curl_easy_setopt(mCurl, CURLOPT_VERBOSE, 1L); |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
87 } |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
88 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
89 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
90 SSLConnectionCurl::~SSLConnectionCurl() { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
91 if (mCurl) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
92 curl_easy_cleanup (mCurl); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
93 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
94 if (mInitialized) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
95 mCertFile.close(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
96 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
97 curl_global_cleanup(); |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
98 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
99 |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
100 int SSLConnectionCurl::connect() { |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
101 CURLcode retval; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
102 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
103 if (curl_easy_setopt(mCurl, CURLOPT_URL, mUrl.toEncoded().constData()) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
104 qDebug() << "Failed to set URL"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
105 return -1; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
106 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
107 |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
108 if (curl_easy_setopt(mCurl, CURLOPT_CONNECT_ONLY, 1L) != CURLE_OK) { |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
109 qDebug() << "Failed to set connect only option"; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
110 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
111 } |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
112 retval = curl_easy_perform(mCurl); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
113 if (retval != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
114 qDebug() << "Failed to connect: " << mErrBuf << " retval: " << retval; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
115 if (retval == CURLE_PEER_FAILED_VERIFICATION) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
116 mErrorState = InvalidCertificate; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
117 return -1; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
118 } |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
119 if (retval == CURLE_SSL_CONNECT_ERROR) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
120 mErrorState = SSLHandshakeFailed; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
121 return -1; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
122 } |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
123 |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
124 mErrorState = NoConnection; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
125 return -1; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
126 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
127 mConnected = true; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
128 return 0; |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
129 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
130 |
991
6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
956
diff
changeset
|
131 /* Globally do this as we can't pass "this" (the ptr) to the c function */ |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
132 size_t ssl_curl_max_write, ssl_curl_written; |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
133 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
134 size_t write_data(void *ptr, size_t size, size_t nmemb, |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
135 QSaveFile *fp) |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
136 { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
137 qDebug() << "Writing size: " << size << " * " << nmemb; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
138 if (ssl_curl_max_write < ssl_curl_written) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
139 qDebug() << "Aborting write. Too much data."; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
140 return 0; |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
141 } |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
142 size_t written = fp->write((const char *)ptr, size * nmemb); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
143 if (written != size * nmemb) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
144 qDebug() << "Failed to write data. Written: " << written |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
145 << " requested: " << size * nmemb; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
146 return 0; |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
147 } |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
148 ssl_curl_written += written; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
149 return written; |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
150 } |
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
151 |
1058
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
152 size_t debug_write(void *ptr, size_t size, size_t nmemb, |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
153 void *unused) |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
154 { |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
155 Q_UNUSED(unused); |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
156 |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
157 qDebug() << QString::fromUtf8((const char *)ptr, size * nmemb); |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
158 return size *nmemb; |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
159 } |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
160 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
161 bool SSLConnectionCurl::downloadFile(const QString &resource, |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
162 const QString &fileName, |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
163 size_t maxSize) |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
164 { |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
165 ssl_curl_written = 0; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
166 ssl_curl_max_write = maxSize; |
991
6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
956
diff
changeset
|
167 QSaveFile outputFile(fileName); |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
168 // Open / Create the file to write to. |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
169 if (!outputFile.open(QIODevice::WriteOnly)) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
170 qDebug() << "Failed to open file"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
171 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
172 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
173 QUrl urlCopy = mUrl; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
174 urlCopy.setPath(resource); |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
175 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
176 if (curl_easy_setopt(mCurl, CURLOPT_URL, urlCopy.toEncoded().constData()) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
177 qDebug() << "Failed to set URL"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
178 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
179 } |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
180 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
181 if (curl_easy_setopt(mCurl, CURLOPT_CONNECT_ONLY, 0L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
182 qDebug() << "Failed to set connect"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
183 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
184 } |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
185 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
186 if (curl_easy_setopt(mCurl, CURLOPT_HEADER, 0L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
187 qDebug() << "Failed to set header"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
188 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
189 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
190 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
191 if (curl_easy_setopt(mCurl, CURLOPT_NOBODY, 0L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
192 qDebug() << "Failed to set no body"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
193 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
194 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
195 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
196 if (curl_easy_setopt(mCurl, CURLOPT_WRITEFUNCTION, write_data) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
197 qDebug() << "Failed to set write function"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
198 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
199 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
200 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
201 if (curl_easy_setopt(mCurl, CURLOPT_WRITEDATA, &outputFile) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
202 qDebug() << "Failed to set write function"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
203 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
204 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
205 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
206 if (curl_easy_perform (mCurl) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
207 qDebug() << "Failed to perform download."; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
208 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
209 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
210 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
211 if (!outputFile.commit()) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
212 qDebug() << "Failed to commit data to filesystem."; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
213 return false; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
214 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
215 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
216 return true; |
908
d1c951b3012d
Curl based implementation of sslconnection
Andre Heinecke <andre.heinecke@intevation.de>
parents:
diff
changeset
|
217 } |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
218 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
219 QDateTime SSLConnectionCurl::getLastModifiedHeader(const QString &resource) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
220 QUrl urlCopy = mUrl; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
221 urlCopy.setPath(resource); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
222 |
1058
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
223 if (curl_easy_setopt(mCurl, CURLOPT_WRITEFUNCTION, debug_write) != CURLE_OK) { |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
224 qDebug() << "Failed to set write function"; |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
225 return QDateTime(); |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
226 } |
fe2c6666b462
(issue46) Add debug option to trustbridge client application
Andre Heinecke <andre.heinecke@intevation.de>
parents:
1004
diff
changeset
|
227 |
910
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
228 if (curl_easy_setopt(mCurl, CURLOPT_URL, urlCopy.toEncoded().constData()) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
229 qDebug() << "Failed to set URL"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
230 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
231 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
232 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
233 if (curl_easy_setopt(mCurl, CURLOPT_CONNECT_ONLY, 0L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
234 qDebug() << "Failed to set connect"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
235 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
236 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
237 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
238 if (curl_easy_setopt(mCurl, CURLOPT_HEADER, 1L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
239 qDebug() << "Failed to set header"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
240 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
241 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
242 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
243 if (curl_easy_setopt(mCurl, CURLOPT_NOBODY, 1L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
244 qDebug() << "Failed to set no body"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
245 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
246 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
247 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
248 if (curl_easy_setopt(mCurl, CURLOPT_FILETIME, 1L) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
249 qDebug() << "Failed to set filetime"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
250 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
251 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
252 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
253 if (curl_easy_perform (mCurl) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
254 qDebug() << "Failed to perform last modified check."; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
255 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
256 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
257 long filetime = 0; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
258 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
259 if (curl_easy_getinfo (mCurl, CURLINFO_FILETIME, &filetime) != CURLE_OK) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
260 qDebug() << "Failed to get filetime"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
261 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
262 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
263 |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
264 if (filetime == -1) { |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
265 qDebug() << "Invalid Time"; |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
266 return QDateTime(); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
267 } |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
268 return QDateTime::fromTime_t(filetime); |
eaed02defe6a
More SSLConnection refactoring. Fixes curl downloader.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
908
diff
changeset
|
269 } |
956
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
270 |
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
271 void SSLConnectionCurl::setProxy(const QUrl& proxyUrl) { |
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
272 if (curl_easy_setopt(mCurl, CURLOPT_PROXY, proxyUrl.toEncoded().constData()) != CURLE_OK) { |
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
273 qDebug() << "Failed to set proxy"; |
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
274 return; |
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
275 } |
879a634d0a40
(issue41) Add proxy support
Andre Heinecke <andre.heinecke@intevation.de>
parents:
942
diff
changeset
|
276 } |
991
6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
956
diff
changeset
|
277 |
6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
956
diff
changeset
|
278 void SSLConnectionCurl::setCiphersuites(int ciphers[]) { |
999
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
279 QStringList cipher_list; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
280 for (int i = 0; ciphers[i] != 0; i++) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
281 cipher_list << ssl_get_ciphersuite_name(ciphers[i]); |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
282 } |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
283 |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
284 if (curl_easy_setopt(mCurl, CURLOPT_SSL_CIPHER_LIST, |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
285 cipher_list.join(":").toLatin1().constData()) != CURLE_OK) { |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
286 qDebug() << "Failed to set cipher list"; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
287 return; |
daa9448b64f5
(issue90) Use certificate pinning and forced ciphersuites for curl
Andre Heinecke <andre.heinecke@intevation.de>
parents:
991
diff
changeset
|
288 } |
991
6a3d284b9c16
Delegate certificate loading to base class. Minor cleanups.
Andre Heinecke <andre.heinecke@intevation.de>
parents:
956
diff
changeset
|
289 } |